<?php
class functions extends Config_Var{
// kiem tra sql injection
	public function sql_injection(){  
		$cautruyvan = $_SERVER['QUERY_STRING'];
		$tukhoa = array('chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
				   'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
					'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
					'esystem(', 'esystem%20', 'cp%20', '%20cp', 'cp(', 'mdir%20', '%20mdir', 'mdir(',
					'mcd%20', 'mrd%20', 'rm%20', '%20mcd', '%20mrd', '%20rm',
					'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'rmdir%20', 'mv(', 'rmdir(',
					'chmod(', 'chmod%20', '%20chmod', 'chmod(', 'chmod=', 'chown%20', 'chgrp%20', 'chown(', 'chgrp(',
					'locate%20', 'grep%20', 'locate(', 'grep(', 'diff%20', 'kill%20', 'kill(', 'killall',
					'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20',
					'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20',
					'$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20',
					'new_password', '&icq','/etc/password','/etc/shadow', '/etc/groups', '/etc/gshadow',
					'HTTP_USER_AGENT', 'HTTP_HOST', '/bin/ps', 'wget%20', 'uname\x20-a', '/usr/bin/id',
					'/bin/echo', '/bin/kill', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python',
					'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', '.pl', '/usr/X11R6/bin/xterm', 'lsof%20',
					'/bin/mail', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', 'config.php', 'cgi-', '.eml',
					'file\://', 'window.open', '<SCRIPT>', 'javascript\://','img src', 'img%20src','.jsp','ftp.exe',
					'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 'nc.exe', '.htpasswd',
					'servlet', '/etc/passwd', 'wwwacl', '~root', '~ftp', '.js', '.jsp', 'admin_', '.history',
					'bash_history', '.bash_history', '~nobody', 'server-info', 'server-status', 'reboot%20', 'halt%20',
					'powerdown%20', '/home/ftp', '/home/www', 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con',
					'<script', '/robot.txt' ,'/perl' ,'mod_gzip_status', 'db_mysql.inc', '.inc', 'select%20from',
					'select from', 'drop%20', '.system', 'getenv', 'http_', '_php', 'php_', 'phpinfo()', '<?php', '?>', 'sql=');
		
		$kiemtra = str_replace($tukhoa, '*', $cautruyvan);
		if ($cautruyvan != $kiemtra){
			$cremotead = $_SERVER['REMOTE_ADDR'];
			$cuseragent = $_SERVER['HTTP_USER_AGENT'];
			return false;  // co tan cong
		}else{
			return true;   // ok
		}
	}
// doi tu chuoi co dau sang ko co dau
	public function ConverUnicode($text){		
		$chars = array("a","A","e","E","o","O","u","U","i","I","d", "D","y","Y");		
		$uni[0] = array("á","à","ạ","ả","ã","â","ấ","ầ", "ậ","ẩ","ẫ","ă","ắ","ằ","ặ","ẳ","� �");
		$uni[1] = array("Á","À","Ạ","Ả","Ã","Â","Ấ","Ầ", "Ậ","Ẩ","Ẫ","Ă","Ắ","Ằ","Ặ","Ẳ","� �");
		$uni[2] = array("é","è","ẹ","ẻ","ẽ","ê","ế","ề" ,"ệ","ể","ễ");
		$uni[3] = array("É","È","Ẹ","Ẻ","Ẽ","Ê","Ế","Ề" ,"Ệ","Ể","Ễ");
		$uni[4] = array("ó","ò","ọ","ỏ","õ","ô","ố","ồ", "ộ","ổ","ỗ","ơ","ớ","ờ","ợ","ở","� �");
		$uni[5] = array("Ó","Ò","Ọ","Ỏ","Õ","Ô","Ố","Ồ", "Ộ","Ổ","Ỗ","Ơ","Ớ","Ờ","Ợ","Ở","� �");
		$uni[6] = array("ú","ù","ụ","ủ","ũ","ư","ứ","ừ", "ự","ử","ữ");
		$uni[7] = array("Ú","Ù","Ụ","Ủ","Ũ","Ư","Ứ","Ừ", "Ự","Ử","Ữ");
		$uni[8] = array("í","ì","ị","ỉ","ĩ");
		$uni[9] = array("Í","Ì","Ị","Ỉ","Ĩ");
		$uni[10] = array("đ");
		$uni[11] = array("Đ");
		$uni[12] = array("ý","ỳ","ỵ","ỷ","ỹ");
		$uni[13] = array("Ý","Ỳ","Ỵ","Ỷ","Ỹ");
		
		for($i=0; $i<=13; $i++) {
		$text = str_replace($uni[$i],$chars[$i],$text);
		}

		return $text;
	}		
// cat chuoi thanh url
	public function Url_Unicode($str){
		$str=$this->ConverUnicode($str);
		$str=str_replace(' ','-',$str);
		$uni=array(" ", "!", "@", "#", "$", "%", "^", "&", "*", "(", ")", "+", "=", ":", ",", ";", "|", "/", "?", "~", "'", "\"", ".");
		$str = str_replace($uni,'',$str);
		if(!preg_match('/^[a-zA-Z0-9-]+$/',$str)){
			$str="";
		}
		return strtolower($str);
	}
// cat chuoi theo quy  dinh
	public function DisplayWord($str,$num){
		$str= str_replace("\r\n","<br />",$str);
		$len=strlen(trim($str));
		if($len<=0||!preg_match('/^[0-9]+$/',$num)){
			return NULL;
		}
		$Count=0;
		for($i=0;$i<$len;$i++){	
			if($str{$i}==" "){
				$Count++;
			}
		}
		if($Count==0||$Count<=$num){
			return $str;
		}
		else{
			$Count=1;	
			for($i=0;$i<$len;$i++){		
				if($Count>$num){			
					return $str=substr($str,0,$i).' ...';
				}
				if($str{$i}==" "){
					$Count++;
				}
			}	
			if($Count<$num){
				return $str;//=substr($str,0,$len-1);
			}
		}
	}
// submit theo get
	public function html_get($text){		
		$kq='';
		if(isset($_GET[$text])){
			$kq=$_GET[$text];			
			$kq = str_replace("&","&amp;",$kq);// &
			$kq = str_replace('\'',"&#039;",$kq);// '
			$kq = str_replace(">","&gt;",$kq);// >
			$kq = str_replace("<","&lt;",$kq);// <
			$kq = str_replace("?","&#63;",$kq);// ?
			$kq = str_replace('\'',"&#039;",$kq);// '
			$kq = str_replace('\"','&quot;',$kq);// "	
		}
		return $kq;
	}	
// submit theo post
	public function html_post($text){		
		$kq='';
		if(isset($_POST[$text])){
			$kq=$_POST[$text];
			$kq = str_replace("&","&amp;",$kq);// &
			$kq = str_replace('\'',"&#039;",$kq);// '
			$kq = str_replace(">","&gt;",$kq);// >
			$kq = str_replace("<","&lt;",$kq);// <
			$kq = str_replace("?","&#63;",$kq);// ?
			$kq = str_replace('\'',"&#039;",$kq);// '
			$kq = str_replace('\"','&quot;',$kq);// "	
		}
		return $kq;
	}
	public function full_url(){
		$s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : "";
		$protocol = substr(strtolower($_SERVER["SERVER_PROTOCOL"]), 0, strpos(strtolower($_SERVER["SERVER_PROTOCOL"]), "/")) . $s;
		$port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]);
		return $protocol . "://" . $_SERVER['SERVER_NAME'] . $port . $_SERVER['REQUEST_URI'];
	}
// get session
	public function GetSession($name){
		if(isset($_SESSION[$name])){
			return $_SESSION[$name];
		}else{
			return '';
		}		
	}
// gan session
	public function SetSession($name,$value){		
		$_SESSION[$name]=$value;			
	}
// xoa session
	public function DelSession($name){
		if(isset($_SESSION[$name])){
			unset($_SESSION[$name]);
		}		
	}
// dinh dang ngay
	public function Date_format($date){		
		return 	$date;
	}
// dinh dang ngay
	public function Load_Lag($Str, $Array){		
		foreach($Array as $k=>$v){
			$VT	= strpos($Str,"%d");	
			if($VT>-1){
				$Str = substr($Str,0,$VT).$v.substr($Str, $VT+2);	
			}
		}
		return $Str;
	}
// lay ip	
	function getRealIPAddress(){  
		if(!empty($_SERVER['HTTP_CLIENT_IP'])){
			//check ip from share internet
			$ip = $_SERVER['HTTP_CLIENT_IP'];
		}else if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
			//to check ip is pass from proxy
			$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
		}else{
			$ip = $_SERVER['REMOTE_ADDR'];
		}
		return $ip;
	}
// phan trang thuong
	public function GetPageNom($TongItem,$SoItem,$Show,$Page){
		$Kq=array();
		if(is_numeric($TongItem) && is_numeric($SoItem) && ($SoItem>0) && is_numeric($Show)){
			$SoTrang=ceil($TongItem/$SoItem);
			if($Page<1 || !is_numeric($Page)){
				$Page=1;
			}else if($Page>$SoTrang){
				$Page=$SoTrang;
			}
			$Page=floor($Page);
			$ShowTam=$Show;
			if($ShowTam>$SoTrang){
				$ShowTam=$SoTrang;
			}
			if($Page<=floor($Show/2)){
				for($i=1;$i<=$ShowTam;$i++){
					$Kq[$i]=$i;
				}
			}else if($Page>$SoTrang-floor($Show/2)){
				for($i=1;$i<=$ShowTam;$i++){
					$Kq[$i]=$SoTrang-($ShowTam-$i);
				}
			}else{
				for($i=0;$i<$ShowTam;$i++){
					$Kq[$i]=$Page-floor($Show/2)+$i;
				}
			}
		}
		return $Kq;
	}
}
 ?>